Export limit exceeded: 350507 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350507 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4075 | 1 Mycfnuke | 1 Cf Nuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in CF_Nuke 4.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) newsid parameter in the news sector, and (3) cat parameter in the links sector. | ||||
| CVE-2001-1269 | 2 Info-zip, Redhat | 3 Unzip, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character. | ||||
| CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2001-1263 | 1 Pragma Systems | 1 Interaccess | 2026-04-16 | N/A |
| telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow. | ||||
| CVE-2004-1603 | 1 Cpanel | 1 Cpanel | 2026-04-16 | 5.5 Medium |
| cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled. | ||||
| CVE-2005-4074 | 1 Mycfnuke | 1 Cf Nuke | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.cfm in CF_Nuke 4.6 and earlier, when Sandbox Security is disabled, allows remote attackers to include arbitrary local .cfm files via a .. (dot dot) in the (1) sector or (2) page parameters. | ||||
| CVE-2004-1601 | 1 Coolphp | 1 Coolphp Web Portal | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter. | ||||
| CVE-2001-1257 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email. | ||||
| CVE-2001-1255 | 2 Mysql, Oracle | 2 Winmysqladmin, Mysql | 2026-04-16 | N/A |
| WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | ||||
| CVE-2006-1747 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter to (1) admin/admin.php, (2) war.php, (3) stats.php, (4) news.php, (5) joinus.php, (6) challenge.php, (7) calendar.php, (8) member.php, (9) popup.php, and other unspecified scripts in the admin folder. NOTE: these are different attack vectors than CVE-2006-1636 and CVE-2006-1503. | ||||
| CVE-2006-1708 | 1 Clansys | 1 Clansys | 2026-04-16 | N/A |
| SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php. | ||||
| CVE-2001-1220 | 1 D-link | 1 Dwl-1000ap | 2026-04-16 | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | ||||
| CVE-2005-4073 | 1 Cfmagic | 1 Magic List Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in view_archive.cfm in CFMagic Magic List Pro 2.5 allows remote attackers to execute arbitrary SQL commands via the ListID parameter. | ||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2026-04-16 | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | ||||
| CVE-2004-1559 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php. | ||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | ||||
| CVE-2001-1199 | 1 Steve Kneizys | 1 Agora.cgi | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter. | ||||
| CVE-2005-4072 | 1 Cfmagic | 1 Magic Forum Personal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field. | ||||
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2026-04-16 | N/A |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | ||||
| CVE-2005-4069 | 1 Sunncomm | 1 Mediamax Drm | 2026-04-16 | N/A |
| SunnComm MediaMax DRM 5.0.21.0, as used by Sony BMG, assigns insecure Everyone/Full Control permissions to the "SunnComm Shared" directory, which allows local users to gain privileges by modifying programs installed in that directory, such as MMX.exe. | ||||